github
/
dufs
mirror of https://gh.cary.cc/https://github.com/sigoden/dufs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: login btn does not work for readonly annoymous (#620)

pull/622/head
sigoden 2025-08-19 08:58:59 +08:00 committed by GitHub
parent f8a7873582
commit 4016715187
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 30 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
assets/index.js
View File

@ -534,7 +534,7 @@ async function setupAuth() {
$loginBtn.classList.remove("hidden"); $loginBtn.classList.remove("hidden");
$loginBtn.addEventListener("click", async () => { $loginBtn.addEventListener("click", async () => {
try { try {
await checkAuth(); await checkAuth("login");
} catch { } } catch { }
location.reload(); location.reload();
}); });
@ -782,9 +782,10 @@ async function saveChange() {
} }
} }
async function checkAuth() { async function checkAuth(variant) {
if (!DATA.auth) return; if (!DATA.auth) return;
const res = await fetch(baseUrl(), { const qs = variant ? `?${variant}` : "";
const res = await fetch(baseUrl() + qs, {
method: "CHECKAUTH", method: "CHECKAUTH",
}); });
await assertResOK(res); await assertResOK(res);

13
src/server.rs
View File

@ -211,7 +211,18 @@ impl Server {
} }
if method.as_str() == "CHECKAUTH" { if method.as_str() == "CHECKAUTH" {
*res.body_mut() = body_full(user.clone().unwrap_or_default()); match user.clone() {
Some(user) => {
*res.body_mut() = body_full(user);
}
None => {
if has_query_flag(&query_params, "login") || !access_paths.perm().readwrite() {
self.auth_reject(&mut res)?
} else {
*res.body_mut() = body_full("");
}
}
}
return Ok(res); return Ok(res);
} else if method.as_str() == "LOGOUT" { } else if method.as_str() == "LOGOUT" {
self.auth_reject(&mut res)?; self.auth_reject(&mut res)?;

16
tests/auth.rs
View File

@ -147,7 +147,7 @@ fn auth_no_skip_if_anonymous(
fn auth_check( fn auth_check(
#[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer, #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,
) -> Result<(), Error> { ) -> Result<(), Error> {
let url = format!("{}index.html", server.url()); let url = format!("{}", server.url());
let resp = fetch!(b"CHECKAUTH", &url).send()?; let resp = fetch!(b"CHECKAUTH", &url).send()?;
assert_eq!(resp.status(), 401); assert_eq!(resp.status(), 401);
let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user", "pass")?; let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user", "pass")?;
@ -161,7 +161,7 @@ fn auth_check(
fn auth_check2( fn auth_check2(
#[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer, #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer,
) -> Result<(), Error> { ) -> Result<(), Error> {
let url = format!("{}index.html", server.url()); let url = format!("{}", server.url());
let resp = fetch!(b"CHECKAUTH", &url).send()?; let resp = fetch!(b"CHECKAUTH", &url).send()?;
assert_eq!(resp.status(), 401); assert_eq!(resp.status(), 401);
let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user", "pass")?; let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user", "pass")?;
@ -171,6 +171,18 @@ fn auth_check2(
Ok(()) Ok(())
} }
#[rstest]
fn auth_check3(
#[with(&["--auth", "user:pass@/:rw", "--auth", "@/dir1:rw", "-A"])] server: TestServer,
) -> Result<(), Error> {
let url = format!("{}dir1/", server.url());
let resp = fetch!(b"CHECKAUTH", &url).send()?;
assert_eq!(resp.status(), 200);
let resp = fetch!(b"CHECKAUTH", format!("{url}?login")).send()?;
assert_eq!(resp.status(), 401);
Ok(())
}
#[rstest] #[rstest]
fn auth_logout( fn auth_logout(
#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer, #[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer,